View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Western Telematic Inc Equipment: NPS Series, DSM Series, CPM Series Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful
Continue ReadingCategory: Dynamic Threat Feeds
Rockwell Automation 1756-L8zS3 and 1756-L3 and 1756-L3
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 1756-L8zS3, 1756-L3zS3 Vulnerability: Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a
Continue ReadingSchneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC Vulnerability: Incorrect Calculation of Buffer Size 2. RISK EVALUATION Successful exploitation
Continue ReadingISC Stormcast For Tuesday, February 4th, 2025 https://isc.sans.edu/podcastdetail/9308, (Tue, Feb 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCVE-2023-6080: A Case Study on Third-Party Installer Abuse
Written By: Jacob Paullus, Daniel McNamara, Jake Rawlins, Steven Karschnia Executive Summary Mandiant exploited flaws in the Microsoft Software Installer (MSI) repair action of Lakeside Software's SysTrack installer to obtain arbitrary code execution. An attacker with
Continue ReadingCrypto Wallet Scam, (Mon, Feb 3rd)
Johannes noticed a SPAM comment on his YouTube channel: It was clear to us that this was a scam, but it wasn't clear to us how it worked. The seed phrase allows you to derive the
Continue ReadingISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingTo Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)
The Good Stuff First This tool is being shared (calling it a tool is generous) due to the number of times last year I had to create fake internet domains. It adds domains and zones to Windows
Continue ReadingISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWorking in Singapore at the World’s Largest Intelligence Company
Did you know? Recorded Future operates out of seven offices worldwide. Besides our US locations, we have offices in London, Gothenburg, Dubai, Tokyo, and Singapore. With over 42 nationalities and at least as many spoken languages,
Continue Reading